[German]Cisco has released last week a patch for a vulnerability in its IOS XR software. The vulnerability, CVE-2022-20821 (CVSS score: 6.5), allows an unauthenticated, remote attacker to connect to a Redis instance and achieve code execution. The vulnerability is already being exploited.
Advertising
Cisco published the Cisco IOS XR Software Health Check Open Port Vulnerability security advisory on May 20, 2022. It states that a vulnerability in the Cisco IOS XR Software Health Check RPM could allow an unauthenticated, remote attacker to access the Redis instance running inside the NOSi container.
This vulnerability exists because the Health Check RPM opens TCP port 6379 by default when it is activated. An attacker could exploit this vulnerability by connecting to the Redis instance through the open port. A successful attack could allow the attacker to write to the Redis in-memory database, write arbitrary files to the container file system, and retrieve information about the Redis database.
Given the configuration of the sandbox container running the Redis instance, an attacker would not be able to execute remote code or abuse the integrity of the Cisco IOS XR software host system. Cisco has released software updates that address this vulnerability. Workarounds are available to address this vulnerability. Details on the vulnerability, how to check if you are affected and countermeasures can be read in the linked advisory. (via)
Advertising